Questions tagged [syslog-ng]

The syslog-ng application is a flexible and highly scalable system logging application that is ideal for creating centralized and trusted logging solutions.

The main features of syslog-ng are summarized below.

  • Reliable log transfer: The syslog-ng application enables you to send the log messages of your hosts to remote servers using the latest protocol standards. The logs of different servers can be collected and stored centrally on dedicated log servers. Transferring log messages using the TCP protocol ensures that no messages are lost.
  • Secure logging using TLS: Log messages may contain sensitive information that should not be accessed by third parties. Therefore, syslog-ng supports the Transport Layer Security (TLS) protocol to encrypt the communication. TLS also allows the mutual authentication of the host and the server using X.509 certificates.
  • Direct database access: Storing your log messages in a database allows you to easily search and query the messages and interoperate with log analyzing applications. The syslog-ng application supports the following databases: MSSQL, MySQL, Oracle, PostgreSQL, and SQLite.
  • Heterogeneous environments: The syslog-ng application is the ideal choice to collect logs in massively heterogeneous environments using several different operating systems and hardware platforms, including Linux, Unix, BSD, Sun Solaris, HP-UX, Tru64, and AIX.
  • Filter and classify: The syslog-ng application can sort the incoming log messages based on their content and various parameters like the source host, application, and priority. Directories, files, and database tables can be created dynamically using macros. Complex filtering using regular expressions and boolean operators offers almost unlimited flexibility to forward only the important log messages to the selected destinations.
  • Parse and rewrite: The syslog-ng application can segment log messages to named fields or columns, and also modify the values of these fields.
  • IPv4 and IPv6 support: The syslog-ng application can operate in both IPv4 and IPv6 network environments; it can receive and send messages to both types of networks.
275 questions
1 vote, 1 answer

Getting docker logs to graylog2 AND locally

I've been working on this problem for a couple days now and have had no luck finding answers. The setup is that I have several hosts running groups of docker containers, and I need to have local copies of all container logs AND on a centralized…
Martin
1 vote, 1 answer

how to increase log_message_size() in syslog-ng to more than 8K for specific source only and override default

As per documentation, Syslog-ng allows 8192 bytes length per message by default. Syslog is splitting the message into two when the size is more than 8K. When I applied the log_msg_size() parameter globally and modified the value to 16K, it works. But I want to apply…
thezero
1 vote, 0 answers

Remote logging server only receiving 200 lines

I have a syslog-ng (v3.5.6) server receiving logs from rsyslog (v5.8.6) on other servers. I have recently been trying to increase the maximum log size as our application can produce some hefty single lines. To test this, I have been passing text…
1 vote, 1 answer

Syslog-ng fails to read and write locally

This is my first question on StackOverflow so forgive me if I accidentally break some rules. What I am trying to do is have a program write a simple log and have syslog-ng read that log and then write to another file. This input log file is a file…
1 vote, 1 answer

syslog-ng keep source hostname and last relay

I have SSB and syslog-ng clients writing to it. I need to have in logs hostname of source of log (using keep_hostname(yes)) and IP of last relay, like with option keep_hostname(no) in log. I need both of them in the same log, how can I achieve that?…
akuzma
1 vote, 1 answer

syslog-ng flush_lines option does not work

I use syslog-ng 3.5.3 on Ubuntu 14.04. I need to reduce system load, so I would like to use the flush_lines option. I added flush_lines(2) to global options. I confirm the behavior in a terminal with tail -h /var/log/messages. But log messages were written…
kiitosu
1 vote, 2 answers

syslog-ng perl pipe dropping events

I'm trying to pipe syslogs to a perl script via syslog-ng but not all of the syslog entries make it through - maybe 1 in 3 actually happen. I've looked all over the place and can't find anyone remotely having the problem that I have. It seems so…
ticontas
1 vote, 1 answer

Error syslog-ng destination to mssql

I am trying to configure Syslog-ng 3.2.5 on CentOS 6.6 with destination to MsSql. Local destination is fine. I have installed all necessary packets. Here is my config: destination d_mssql{ sql( type(mssql) host("XX.XX.XX.XX") port("1433") …
1 vote, 1 answer

syslog-ng add plugin for elastic search

I have already installed syslog-ng. Now I want to write data directly to elastic search without using logstash. There is an add-on in syslog-ng for elastic search but I couldn't figure out how to install it. Please let me know if anybody has done this…
Raj
1 vote, 0 answers

Log4j2 SyslogAppender TCP to syslog-ng

I want to use log4j2 to send my log messages to a syslog server (syslog-ng in my case). I have two issues right now. If I stop the syslog service and start my application, it says 2015-04-22 09:56:14,582 ERROR TcpSocketManager (TCP:192.168.0.81:1000)…
user2071938
1 vote, 0 answers

Sending syslog-ng events through a proxy server

Most applications have a specific method for using a proxy, what's the proper way to send syslog data through a proxy in syslog-ng?
Tom Damon
1 vote, 2 answers

Load balance TCP with HAProxy

I want to set up a load balancer for syslog-ng messages, so let's say several boxes are sending TCP 514 messages to the frontend interface of the HAProxy box - 192.168.0.20 and there is one graylog server to which those messages are passed - 10.0.0.2. Below…
drJAK
1 vote, 0 answers

Haproxy log level

I have a question about log level in haproxy. Using haproxy, on the backend there is a database. I need to log errors in a separate file, but can't understand how to do that. I know about log-separate-errors. Maybe I need to add another one log…
user3904465
1 vote, 2 answers

nginx send log to remote syslog server

I wanna send nginx access log to remote syslog-ng server. I installed syslog-ng on each side (server-client). Client: 10.10.10.2 Server: 10.10.10.1 Some log files (messages, syslog, mail.log) are successfully sent to server from client, but not send nginx…
user218547
1 vote, 2 answers

Using milestone 2 input plugin 'file'?

I am reading a log file using Logstash. Here are the Files: Config File: input { file{ path => "/home/cdot/Desktop/auth_log" start_position => beginning } } filter{ grok{ match => ["message", "%{TIMESTAMP_ISO8601: timestamp} %{HOSTNAME:…
Siddharth Trikha